[Gnu-arch-users] Re: expert needed: arch doesn't support multi-committer


From: Pau Aliagas
Subject: [Gnu-arch-users] Re: expert needed: arch doesn't support multi-committer archives!
Date: Tue, 7 Oct 2003 12:55:35 +0200 (CEST)

On Tue, 7 Oct 2003, Ethan Benson wrote:

> On Tue, Oct 07, 2003 at 11:08:29AM +0200, Pau Aliagas wrote:
> > On Mon, 6 Oct 2003, Ethan Benson wrote:
> > 
> > > On Mon, Oct 06, 2003 at 09:46:09AM -0700, Tom Lord wrote:
> > > > In short, I think James has nailed the answer cold and I'm not sure
> > > > why his solution was so glibly brushed aside in favor of all the other
> > > > discussion.
> > > 
> > > because from a system administrator's point of view shared accounts are
> > > simply unacceptable.  they provide absolutely no accountability for who
> > > is doing what.
> > 
> > They provide enough in this situation.
> > 
> > > with a shared sftp account anyone granted access to it can sftp in and
> > > rm -rf the entire archive, and nobody can ever hope to figure out who
> > > it was who did it.
> > 
> > You can set up the permissions in ways they will work:
> > 
> > Create userA.groupA to hold the archives:
> > * archive dir belongs to userA.groupA
> > * archive permissions: u+rw, g+rws, o+r
> > 
> > Create an account users_rw that belongs to groupA:
> > * give access to the members that need rw access (put ssh pub keys in place)
> > * all the members that are given sftp through this account will be able to 
> >   read/write the archive
> 
> this is not different than a single shared unaccountable account.

Well, if the ssh key is not enough... more accountability than this is 
difficult. People need the private key to allow them in. So you are sure 
it's not someone else.

> > * accounting will be logged
> 
> not in any meaningful way.  unless you only allow connections to the
> shared account from localhost, forcing a real login first.

No need, you are using your key and this can be logged.

Pau
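Pau's point that a key-based login to the shared account can be logged and attributed, worked through as an added example that is not part of this thread. It assumes a modern OpenSSH sshd, which logs the accepted key's SHA256 fingerprint on its "Accepted publickey" line at the default INFO level; the shared account name users_rw comes from the thread, while the key blobs, owner comments and log lines are constructed for the demonstration.

```python
import base64
import hashlib
import re

def fingerprint_of(b64_blob):
    """OpenSSH-style fingerprint: 'SHA256:' + unpadded base64 of sha256(key blob)."""
    digest = hashlib.sha256(base64.b64decode(b64_blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_authorized_keys(text):
    """Map each key's fingerprint to the owner named in its comment field (options such as from= may precede the key type)."""
    owners = {}
    for line in text.splitlines():
        parts = line.split()
        if not parts or parts[0].startswith("#"):
            continue
        for i, tok in enumerate(parts):
            if tok.startswith(("ssh-", "ecdsa-", "sk-")) and i + 1 < len(parts):
                comment = parts[i + 2] if i + 2 < len(parts) else "(no comment)"
                owners[fingerprint_of(parts[i + 1])] = comment
                break
    return owners

# sshd's INFO-level line for a successful public-key login (OpenSSH 6.8 and later).
LOGIN_RE = re.compile(
    r"Accepted publickey for (?P<acct>\S+) from (?P<ip>\S+) port \d+ ssh2: "
    r"\S+ (?P<fp>SHA256:\S+)")

def attribute_logins(log_lines, owners, shared_account="users_rw"):
    """Pair every login to the shared account with its key's owner; a fingerprint missing from authorized_keys is flagged, not guessed."""
    result = []
    for line in log_lines:
        m = LOGIN_RE.search(line)
        if m and m.group("acct") == shared_account:
            result.append((m.group("ip"), owners.get(m.group("fp"), "UNKNOWN KEY")))
    return result

# Constructed sample data: the blobs are not real keys, only base64 stand-ins
# so the fingerprint arithmetic runs; the log lines are constructed to match.
ALICE_BLOB = base64.b64encode(b"constructed-key-alice").decode()
BOB_BLOB = base64.b64encode(b"constructed-key-bob").decode()
SAMPLE_AUTHORIZED_KEYS = (
    f"ssh-ed25519 {ALICE_BLOB} alice@example\n"
    f'from="10.0.0.0/8" ssh-ed25519 {BOB_BLOB} bob@example\n')
SAMPLE_LOG = [
    f"sshd[101]: Accepted publickey for users_rw from 192.0.2.10 port 50001 ssh2: ED25519 {fingerprint_of(ALICE_BLOB)}",
    f"sshd[102]: Accepted publickey for users_rw from 10.1.2.3 port 50002 ssh2: ED25519 {fingerprint_of(BOB_BLOB)}",
    "sshd[103]: Accepted publickey for users_rw from 198.51.100.7 port 50003 ssh2: ED25519 SHA256:notInAuthorizedKeysXXXXXXXXXXXXXXXXXXXXXXXX",
    "sshd[104]: Accepted publickey for userA from 192.0.2.10 port 50004 ssh2: ED25519 SHA256:someOtherAccountKeyXXXXXXXXXXXXXXXXXXXXXXXX",
]
```

The third log line shows the case the thread argues about: a key that was added to the shared account without being recorded in the owner map cannot be attributed, so that line is flagged for follow-up rather than silently accepted.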